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REMARKS 

Claims 10, 1 1 and 14-16 are amended. Claims 1, 6, 7, 9, 17, 25-27 and 29-32 are 
canceled. Claims 33-52 have been added. Claims 10, 11, 14-16, and 33-52 are pending 
in the application. The amendments as indicated herein do not add any new matter to this 
application. 

CLAIMS 1, 6, 7, 9-1 1, 14-17, 25-27 AND 29-32 - FREED 

Claims 1, 6, 7, 9-11, 14-17, 25-27 and 29-32 were rejected under 35 U.S.C. § 
102(e) as being anticipated, allegedly, by Freed, et al., U.S. Patent No. 7,039,053 Bl 
(Freed). All of these rejections are traversed, respectfully, for at least the reasons 
discussed below. 

Since Claims 1, 6, 7, 9, 17, 25-27 and 29-32 have been cancelled, the rejection to 
those particular claims is thus moot. However, newly added claims such as independent 
Claims 33, 36, 37 and 45 and the dependent claims thereof recite features of Claim 1, 9, 
17, 25 and 26, and their previous dependent claims, the discussion herein addresses 
features of these newly added claims that are distinguishable from Freed. 

Claim 33 

Claim 33 recites, among other features, "identifying first sub-entries in a first 
access control list, wherein the first access control list comprises first entries, and 
wherein the first sub-entries identified from the first access control list comprise (i) 
disjoint entries of the first entries or (ii) overlapping sections identified from the 
first entries or (iii) non-overlapping sections identified from the first entries; 
programmatically determining whether the first access control list is functionally 
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equivalent to a second access control list by determining whether each of the first 
sub-entry in the first access control list is equivalent to or contained by one or more 
entries of the second access control list" (emphasis added). 

Neither Chase nor Arrow teaches, discloses or suggests all the features of Claim 

33. 

Comparing Two Access Control Lists 

Freed fails to disclose any feature relating to comparing two access control 
lists. Freed discloses a method to determine the validity of a policy table in a router 
(Abstract). The method determines whether any particular policy rule in the policy table 
intersects with any other policy rule in the same policy table (Id.). Therefore, even if 
the policy table in Freed were analogous to an access control list in Claim 33, Freed 
cannot possibly disclose comparing two access control lists as claimed by Claim 33, since 
Freed does not disclose any feature relating to comparing policy tables. 

Identifying Sub-Entries and Using the Sub-Entries 

Claim 33 features identifying sub-entries from entries in a first access control list 
before comparing it with a second access control list. The sub-entries comprise (i) 
disjoint entries of the first entries or (ii) overlapping sections identified from the 
first entries or (iii) non-overlapping sections identified from the first entries. 

Overlapping sections and non-overlapping sections are a result of decomposing the first 
entries in the first access control list, and do not appear as entries in the first access 
control list in the first place. Furthermore, in Claim 33, the comparison between the first 
access control list and a second access control list uses the sub-entries, not the first 
entries. 
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Freed fails to disclose any feature relating to identifying or using sub-entries. 

As noted above, Freed discloses a method that determines whether any particular policy 

rule in the policy table intersects with any other policy rule in the same policy table. 

The Office Action asserts that a passage in Freed discloses sub-entries (col. 5 

lines 18-29). However, that passage recites in its entirety: 

Thus, during on-line operation, when the router receives a new 
packet, the packet is first checked to see if it matches the first rule in 
the table-that is, if each of the packet's parameters fall within the 
ranges specified by the first rule. For example, a packet with a source 
IP address of 149,1 12.240.168, a destination IP address of 
128.153.4.200, any source port, and a destination port of 25 would 
match rule 1 in table 40 of FIG. 3, so the packet will be assigned a low 
priority. If a packet doesn't match any rule in the table, the last rule 
(such as rule 6 in table 40) will be applied to the packet by default 
after the packet has been compared to all the other rules in the table. 

Clearly, this passage fails to disclose any feature relating to sub-entries recited in 
Claim 33. Therefore, even if the policy rule in Freed were analogous to an entry in the 
first access control list in Claim 33, Freed still fails to disclose a feature of sub-entries, let 
alone a step of identifying sub-entries, as claimed in Claim 33. 

Furthermore, since Freed fails to disclose identifying sub-entries from first entries 
in a first access control list, it cannot possibly disclose using sub-entries, identified from 
entries in the first access control list, as a basis for comparing two access control lists, as 
claimed in Claim 33. 

Claims 36, 37 and 45 
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Claims 36, 37 and 45 each recite similar features as those discussed above with 
respect to Claim 33. Claims 36, 37 and 45 are recited in a format allowable by 35 USC 
§112, and correspond to method Claim 33 discussed above. Claims 37 and 45 are 
apparatus claims that each correspond to method Claim 33. Therefore, Applicants 
respectfully submit that Claims 36, 37 and 45 are patentable for at least the same reasons 
discussed above as to Claim 33. 

Claims 10, 11, 14-16, 34, 35, 38-44, and 46-52 

Each of Claims 10, 1 1, 14-16, 34, 35, 38-44, and 46-52 contains all the features of 
Claim 33, 37 and 45 discussed above and are patentable for the same reasons discussed 
above with respect to Claim 33, 37 and 45. Further, Claims 10, 11, 14-16, 34, 35, 38-44, 
and 46-52 feature limitations that individually render them patentable. Due to the 
fundamental differences already identified, a separate discussion of those features is not 
included at this time. For all the foregoing reasons, Applicants respectfully submit that 
Claims 10, 1 1, 14-16, 34, 35, 38-44, and 46-52 are allowable over the cited references. 
INTERVIEW SUMMARY 

The Applicant thanks the Examiners for the Interview conducted on August 9, 
2006. The interview was between Examiners Aravind K. Moorthy and Syed Zia and the 
Applicants' Representatives, Chris J. Brokaw and Zhichong Gu. Pending Claim 33 and 
its dependents were discussed along with U.S. Patent No. 7,039,053 issued to Freed et al. 
No agreement was reached. 
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CONCLUSION 

For the reasons set forth above, it is respectfully submitted that all of the pending 
claims are now in condition for allowance. Therefore, the issuance of a formal Notice of 
Allowance is believed next in order, and that action is most earnestly solicited. 

The Examiner is respectfully requested to contact the undersigned by telephone if 
it is believed that such contact would further the examination of the present application. 

If any applicable fee is missing or insufficient, throughout the pendency of this 
application, the Commissioner is hereby authorized to charge any applicable fees and to 
credit any overpayments to our Deposit Account No. 50-1302. 



Respectfully submitted, 

HICKMAN PALERMO TRUONG & BECKER LLP 



Dated: August 9, 2006 




ZhVQh/ng Gu 
Reg. No. 56,543 



2055 Gateway Place, Suite 550 
San Jose, California 951 10-1089 
Telephone No.: (408) 414-1236 
Facsimile No.: (408) 414-1076 




on Aug. 9. 2006 by ftlutjMib 




Martina Placid 
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